[Pkg-gnupg-commit] r112 - in /gnupg/branches/etch/debian: changelog patches/00list patches/101_172115_fix_keyring_memory_leak.dpatch patches/101_321871_unset_noecho_on_sigint.dpatch

dleidert-guest at users.alioth.debian.org dleidert-guest at users.alioth.debian.org
Sat May 30 19:26:14 UTC 2009 

Author: dleidert-guest
Date: Sat May 30 19:26:14 2009
New Revision: 112

URL: http://svn.debian.org/wsvn/pkg-gnupg/?sc=1&rev=112
Log:
* debian/patches/101_172115_fix_keyring_memory_leak.dpatch: Added.
  - g10/keyring.c (keyring_get_keyblock): Fix a memory leak due to
    ring_trust packets, which slowed down import of large keyrings
    leading to potential DoS (closes: #172115, #345911).
* debian/patches/101_321871_unset_noecho_on_sigint.dpatch: Added.
  - g10/signal.c (got_fatal_signal), util/ttyio.c (tty_cleanup_after_signal),
    include/ttyio.h: Cleanup terminal attributes on interrupt (closes:
    #321871).

Added:
    gnupg/branches/etch/debian/patches/101_172115_fix_keyring_memory_leak.dpatch   (contents, props changed)
      - copied, changed from r109, gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch
    gnupg/branches/etch/debian/patches/101_321871_unset_noecho_on_sigint.dpatch
      - copied, changed from r109, gnupg/branches/lenny/debian/patches/101_321871_unset_noecho_on_sigint.dpatch
Modified:
    gnupg/branches/etch/debian/changelog
    gnupg/branches/etch/debian/patches/00list

Modified: gnupg/branches/etch/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/etch/debian/changelog?rev=112&op=diff
==============================================================================
--- gnupg/branches/etch/debian/changelog (original)
+++ gnupg/branches/etch/debian/changelog Sat May 30 19:26:14 2009
@@ -1,6 +1,13 @@
 gnupg (1.4.6-2+etch1) UNRELEASED; urgency=low
 
-  * 
+  * debian/patches/101_172115_fix_keyring_memory_leak.dpatch: Added.
+    - g10/keyring.c (keyring_get_keyblock): Fix a memory leak due to
+      ring_trust packets, which slowed down import of large keyrings
+      leading to potential DoS (closes: #172115, #345911).
+  * debian/patches/101_321871_unset_noecho_on_sigint.dpatch: Added.
+    - g10/signal.c (got_fatal_signal), util/ttyio.c (tty_cleanup_after_signal),
+      include/ttyio.h: Cleanup terminal attributes on interrupt (closes:
+      #321871).
 
  -- Daniel Leidert (dale) <daniel.leidert at wgdd.de>  Sat, 30 May 2009 21:23:34 +0200
 

Modified: gnupg/branches/etch/debian/patches/00list
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/etch/debian/patches/00list?rev=112&op=diff
==============================================================================
--- gnupg/branches/etch/debian/patches/00list (original)
+++ gnupg/branches/etch/debian/patches/00list Sat May 30 19:26:14 2009
@@ -3,3 +3,5 @@
 24_gpgv_manpage_cleanup
 25_de.po_fixes
 28_multiple_message
+101_172115_fix_keyring_memory_leak
+101_321871_unset_noecho_on_sigint

Copied: gnupg/branches/etch/debian/patches/101_172115_fix_keyring_memory_leak.dpatch (from r109, gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch)
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/etch/debian/patches/101_172115_fix_keyring_memory_leak.dpatch?rev=112&op=diff
==============================================================================
--- gnupg/branches/lenny/debian/patches/101_172115_fix_keyring_memory_leak.dpatch (original)
+++ gnupg/branches/etch/debian/patches/101_172115_fix_keyring_memory_leak.dpatch Sat May 30 19:26:14 2009
@@ -12,10 +12,10 @@
 ## DP: <URL:http://lists.gnupg.org/pipermail/gnupg-commits/2009-May/008225.html>
 
 @DPATCH@
-diff -urNad lenny~/g10/keyring.c lenny/g10/keyring.c
---- lenny~/g10/keyring.c	2007-10-23 09:50:34.000000000 +0200
-+++ lenny/g10/keyring.c	2009-05-22 16:00:10.000000000 +0200
-@@ -430,27 +430,31 @@
+diff -urNad etch~/g10/keyring.c etch/g10/keyring.c
+--- etch~/g10/keyring.c	2005-07-27 19:02:56.000000000 +0200
++++ etch/g10/keyring.c	2009-05-30 21:19:41.000000000 +0200
+@@ -432,27 +432,31 @@
              /* reset lastnode, so that we set the cache status only from
               * the ring trust packet immediately folling a signature */
              lastnode = NULL;

Propchange: gnupg/branches/etch/debian/patches/101_172115_fix_keyring_memory_leak.dpatch
------------------------------------------------------------------------------
    svn:executable = *

Copied: gnupg/branches/etch/debian/patches/101_321871_unset_noecho_on_sigint.dpatch (from r109, gnupg/branches/lenny/debian/patches/101_321871_unset_noecho_on_sigint.dpatch)
URL: http://svn.debian.org/wsvn/pkg-gnupg/gnupg/branches/etch/debian/patches/101_321871_unset_noecho_on_sigint.dpatch?rev=112&op=diff
==============================================================================
--- gnupg/branches/lenny/debian/patches/101_321871_unset_noecho_on_sigint.dpatch (original)
+++ gnupg/branches/etch/debian/patches/101_321871_unset_noecho_on_sigint.dpatch Sat May 30 19:26:14 2009
@@ -12,10 +12,10 @@
 ## DP: <URL:http://lists.gnupg.org/pipermail/gnupg-commits/2009-May/008256.html>
 
 @DPATCH@
-diff -urNad lenny~/g10/gpgv.c lenny/g10/gpgv.c
---- lenny~/g10/gpgv.c	2007-10-23 09:50:34.000000000 +0200
-+++ lenny/g10/gpgv.c	2009-05-29 18:04:54.000000000 +0200
-@@ -417,6 +417,7 @@
+diff -urNad etch~/g10/gpgv.c etch/g10/gpgv.c
+--- etch~/g10/gpgv.c	2006-03-05 15:41:35.000000000 +0100
++++ etch/g10/gpgv.c	2009-05-30 21:20:48.000000000 +0200
+@@ -420,6 +420,7 @@
  void tty_kill_prompt(void) {}
  int tty_get_answer_is_yes( const char *prompt ) {return 0;}
  int tty_no_terminal(int onoff) {return 0;}
@@ -23,10 +23,10 @@
  #ifdef HAVE_LIBREADLINE
  void tty_enable_completion(rl_completion_func_t *completer) {}
  void tty_disable_completion(void) {}
-diff -urNad lenny~/g10/signal.c lenny/g10/signal.c
---- lenny~/g10/signal.c	2007-10-23 09:50:34.000000000 +0200
-+++ lenny/g10/signal.c	2009-05-29 18:03:28.000000000 +0200
-@@ -88,6 +88,7 @@
+diff -urNad etch~/g10/signal.c etch/g10/signal.c
+--- etch~/g10/signal.c	2005-07-27 19:02:56.000000000 +0200
++++ etch/g10/signal.c	2009-05-30 21:20:48.000000000 +0200
+@@ -90,6 +90,7 @@
      rl_free_line_state ();
      rl_cleanup_after_signal ();
  #endif
@@ -34,20 +34,20 @@
  
      /* Better don't translate these messages. */
      write(2, "\n", 1 );
-diff -urNad lenny~/include/ttyio.h lenny/include/ttyio.h
---- lenny~/include/ttyio.h	2007-10-23 10:47:28.000000000 +0200
-+++ lenny/include/ttyio.h	2009-05-29 18:03:28.000000000 +0200
-@@ -53,5 +53,6 @@
+diff -urNad etch~/include/ttyio.h etch/include/ttyio.h
+--- etch~/include/ttyio.h	2005-07-27 19:02:56.000000000 +0200
++++ etch/include/ttyio.h	2009-05-30 21:20:48.000000000 +0200
+@@ -55,5 +55,6 @@
  #define tty_enable_completion(x)
  #define tty_disable_completion()
  #endif
 +void tty_cleanup_after_signal (void);
  
  #endif /*G10_TTYIO_H*/
-diff -urNad lenny~/util/ttyio.c lenny/util/ttyio.c
---- lenny~/util/ttyio.c	2007-10-23 09:55:31.000000000 +0200
-+++ lenny/util/ttyio.c	2009-05-29 18:03:28.000000000 +0200
-@@ -122,6 +122,14 @@
+diff -urNad etch~/util/ttyio.c etch/util/ttyio.c
+--- etch~/util/ttyio.c	2005-12-20 18:24:32.000000000 +0100
++++ etch/util/ttyio.c	2009-05-30 21:20:48.000000000 +0200
+@@ -124,6 +124,14 @@
  }
  #endif

More information about the Pkg-gnupg-commit mailing list